Third Quarter 2007 • Vol. 2 • No. 3

In This Issue

Yellow and Red Books: Working Together for Strong Government Audits
Through examination of selected standards, learn how the Yellow and Red Books complement each other and, when used together, can result in a stronger audit practice than either set of standards used on its own.

Taking Control of Risks: Five Common Spreadsheet Risks and Ways to Control Them
Most auditors have used spreadsheet software for common tasks like calculating complex revenue adjustments and preparing financial reports. And, while spreadsheets can be excellent tools during an audit, auditors need to be aware of their potential risks.

Add Value to Government Performance and Performance Audits
By testing performance measures, auditors can complement a regular performance auditing program and improve government performance and accountability.

Book Review: Federal Government Auditing: Laws, Regulations, Standards, Practices, and Sarbanes-Oxley
An internal auditor shares his views about Federal Government Auditing, a book written for anyone with an interest in government auditing and financial assurance.

IIA in Action
Global organizations enter working alliance.

GAP in the News
Catch up on recent news articles pertinent to government auditors.

Check out our repository of free online resources for government auditors on the Web, including sources for guidance, news, audit reports, performance measurements, audit programs, checklists, score cards, information technology, and more.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Yellow and Red Books: Working Together for Strong Government Audits

Through examination of selected standards, learn how the Yellow and Red Books complement each other and, when used together, can result in a stronger audit practice than either set of standards used on its own.




Government auditors often serve as the internal auditor of a government organization, providing management with information to help yield effective and efficient operations, as well as minimize organizational risks. Charged with this responsibility, it is crucial that auditors have the right standards and guidance to help get the job done. The U.S. Government Accountability Office's (GAO's)  Government Auditing Standards (Yellow Book) and The Institute of Internal Auditors' (The IIA's) International Standards for the Professional Practice of Internal Auditing (Red Book) are the premier resources for government and nongovernment auditors, respectively. But will using both sets of standards benefit government audits?

A recent survey of IIA and Association of Local Government Auditors (ALGA) members  found that approximately 40 percent of government auditors surveyed use both the Yellow Book and the Red Book. "GAO and The IIA both believe that the two sets of standards complement each other and, used together, provide a foundation for a strong government audit practice," said GAO Assistant Director of Government Accounting Standards Marcia Buchanan, CPA. "The recently issued July 2007 Revision of Government Auditing Standards recognizes the complementary nature of these standards and encourages internal auditors to use the Red Book in conjunction with the Yellow Book for performance audits."

Susan Lione, IIA vice president of professional practices, agrees. "The IIA and GAO share the common goal of developing audit standards that promote the use of high-quality audits in the government sector. Both the Yellow Book and the Red Book provide a framework for conducting high-quality government audits with competence, integrity, objectivity, and independence and contain requirements for a quality assurance program. The Yellow Book adds a government focus to the standards to assist auditors with the unique concerns of auditing in the government sector."


Internal auditing is, as discussed in the Red Book, an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

The Yellow Book is built on the principles of oversight, transparency, and accountability for government organizations' operations and performance. Yellow Book audits provide transparency that stakeholders, oversight bodies, and the broader public need to hold government accountable; help improve program performance and operations; reduce taxpayer costs; and identify current and projected crosscutting issues and trends. Government audits conducted under both sets of standards used together provide an independent, objective, nonpartisan assessment of the stewardship, performance, and cost of government policies, programs, or operations.

Three areas of comparison between the Red Book and Yellow book are described in the following sections:

  • Independence and competence.
  • Assurance services and performance auditing.
  • Reporting.


Both sets of standards recognize that internal auditors need to maintain independence. The Red Book stresses that the internal audit activity should be independent and that internal auditors should be objective in performing their work. The Red Book also states that "the chief audit executive (CAE) should report to a level within the organization that allows the internal audit activity to fulfill its responsibilities. The internal audit activity should be free from interference in determining the scope of internal auditing, performing work, and communicating results."

The Yellow Book is compatible with the Red Book's definition of organizational independence for internal auditors and goes on to state that in all matters related to audit work, the audit organization and the individual auditor, whether government or public, must be free from personal, external, and organizational impairments to independence and must avoid the appearance of such impairments of independence.

Auditors conducting work under both sets of standards are required to be competent to perform their assigned work. In addition, as stated by both sets of standards, auditors are required to enhance their knowledge, skills, and other competencies through continuing professional education. The Yellow Book expands this by including specific levels and types of continuing professional education requirements for auditors performing work under Yellow Book standards. The Red Book says that internal auditors should keep informed about improvements and current developments in internal audit standards, procedures, and techniques. In addition, the Red Book encourages internal auditors to demonstrate their proficiency by obtaining appropriate professional certification, such as the certified internal auditor designation.


The IIA defines an assurance service as an objective examination of evidence for the purpose of providing an independent assessment on risk management, control, or governance processes for the organization. Examples include financial, performance, compliance, systems security, and due diligence engagements.

A performance audit, as described in the Yellow Book, is also an engagement that provides assurance or conclusions based on an examination of sufficient, appropriate evidence against stated criteria. Performance audits provide objective analysis so that management and those charged with governance and oversight can use the information to improve program performance and operations, reduce costs, initiate corrective action, and contribute to public accountability.

Used together, the Red and Yellow Books promote audits that are helpful to both management and oversight bodies by focusing on high-risk areas, but at the same time making information available to decision makers to help them make informed decisions.


In its discussion of audit report distribution, the Red Book requires that CAEs communicate the final results to parties who can help make sure that the results are given due consideration. Unless otherwise mandated by statutory or regulatory requirements, the CAE should assess the potential risk to the organization, consult with senior management and legal counsel as appropriate, and control dissemination by restricting the use of audit results prior to releasing results to parties outside the organization.

The Yellow Book's text is complementary to this report distribution requirement because it recognizes this IIA standard for internal auditors conducting an audit in accordance with the Yellow Book. For government auditors, the Yellow Book requires distribution of audit reports to those charged with governance, to the appropriate officials of the audited entity, and to the oversight bodies or organizations requiring or arranging the audits. For these auditors, the Yellow Book states that the auditors should also distribute copies of the reports to those authorized to receive such reports and other officials who have legal oversight authority or who may be responsible for implementing audit findings and recommendations.


When it comes to answering the question about whether using both sets of standards will benefit government audits, the answer is yes. The Yellow Book and the Red Book are compatible and complement each other. In some areas, the standards differ, but when used together, the Yellow and Red Books provide a comprehensive set of standards appropriate for many government audit environments. According to The IIA survey, the most cited reason for using both set of standards is that it provides additional credibility for reporting. Since auditors strive for credibility in their work, using the Yellow Book and the Red Book together is a winning choice for internal auditors in government organizations.

For additional information on the July 2007 Revision of Government Auditing Standards, send an e-mail to or call Jeanette Franzel, director, at +1-202-512-9471 or Marcia Buchanan, assistant director, at +1-202-512-9321. Both also can be contacted via e-mail at and, respectively. Electronic versions of Government Auditing Standards, including the January 2007 revision, are available on the Web at For additional information on The IIA's International Standards for the Professional Practice of Internal Auditing, send an e-mail to An electronic version is available on the Web at

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Taking Control of Risks: Five Common Spreadsheet Risks and Ways to Control Them

Most auditors have used spreadsheet software for common tasks like calculating complex revenue adjustments and preparing financial reports. And, while spreadsheets can be excellent tools during an audit, auditors need to be aware of their potential risks.


Spreadsheet software is seldom a cause for concern or suspicion during a financial audit even though it should be — spreadsheets can be easily changed, may lack certain internal control activities, and are vulnerable to human error. Some auditors may believe there is little reason for concern because they have used the same software and the spreadsheets it produces for many years. However, there are good reasons for concern. A spreadsheet is much like the lens of a camera. Through this lens, an auditor can view an organization's financial data, but an auditor's view of reality might be skewed if the lens is dirty or even slightly flawed. Therefore, it is important for auditors to be aware of risks associated with spreadsheet use, five of which are detailed in the following paragraphs.

Five Common Spreadsheet Controls

  1. Training users.
  2. Setting documentation standards.
  3. Establishing data entry controls.
  4. Using good security procedures.
  5. Backing up data frequently.

To read about more risks, visit the IT Compliance Institute's Web site.


Spreadsheet training is not just for beginner auditors. In fact, lack of adequate training will result in poor to mediocre results, such as improper referencing, linking to other spreadsheets, or using inaccurate formulas to master complex calculations.

The Committee of Sponsoring Organizations of the Treadway Commission's Internal Control over Financial Reporting guidance requires a commitment to competence, which is important for internal control. Spreadsheet training for all auditors is one aspect of internal control. Long-term learning plans that incorporate spreadsheet training will help make sure users are up-to-date with the latest version of the spreadsheet in use. In addition to free Excel online training from Microsoft's Web site or free Lotus 1-2-3 training from IBM's site, the American Institute of Certified Public Accountants' Journal of Accountancy has a special section each month devoted to using technology tools. There is also a variety of software for auditing spreadsheets that may be appropriate for widespread use in an organization.


If the policies and procedures to mitigate spreadsheet risks are inadequate, errors will become more common, lack of consistency will show up in internal control audit reports, and the efficiency of the financial function will be hampered. Therefore, the style, content, and accountability for spreadsheets should be documented in the organization's policies and procedures or in the spreadsheet used.

Documentation is a best practice to explain how spreadsheets are used. Organizations need to explain — in common language within the workbook file, on the worksheet (e.g., at the top of the page), or in written policies and procedures — the spreadsheet's purpose and intended functions so other users can read the instructions before using it. If documentation is kept separately (e.g., a policies and procedures document), it should identify the style and organizationwide requirements for using spreadsheets. Also, an inventory of spreadsheets used to prepare complex financial tasks or financial statements will help to ensure where adequate documentation is needed. And, above all, documentation needs to be kept up-to-date and include who was responsible for preparing or updating the spreadsheet or policy.


People are all creatures of habit, which is one reason why spreadsheets are reused from year to year. Another common reason is employee turnover or transfers. However, after cutting and pasting information, the spreadsheet might not work the way it did before — formulas could be damaged, links could be broken, or cells could be overwritten.

Taking Control of Risks

Using Microsoft Excel's data verification tool to avoid errors

To help mitigate spreadsheet recycling risks, auditors need to make sure the information input into a spreadsheet is as good as the information expected to be output by:

  • Saving input data separately from the active spreadsheet used for calculations.
  • Using a control total (i.e., a result obtained by subjecting a set of data to an algorithm for purposes of checking the data at the time the algorithm is applied) can prevent errors in formulas totaling columns of data, numbers, or dollars to make sure what you see is what you get from the spreadsheet.
  • Using self-checks, like a hash or batch total, to verify that formula results are accurate.
  • Using an automatic tool to stop errors from creeping into spreadsheets.
  • Verifying that spreadsheet templates are not changed accidentally by using password protection.


Distractions like phone calls, chatty coworkers, and coffee breaks are common reasons workers make data entry errors such as skipped entries or transposed numbers. A 2004 PricewaterhouseCoopers paper (PDF, 116 KB) shows that up to 91 percent of sophisticated spreadsheets contain errors. In addition, if auditors know there are spreadsheet errors, so do fraudsters. Auditors in most situations are not expected to detect every fraud, but do have a duty to take reasonable steps to detect situations that may lead to fraud. This is because inadequate spreadsheet controls may lead to errors, misstatements, and possibly fraud.

To help prevent fraud, several laws and regulations in the United States (e.g., the USA Patriot Act, the Foreign Corrupt Practices Act, the U.S. Sarbanes-Oxley Act of 2002, Statement on Auditing Standard No. 99, and Auditing Standard No. 5) have developed an array of regulatory compliance mechanisms, which are meant to deter persons from criminal activities. These laws and regulations have emphasized the importance for the auditor — internal or external — to continuously be on the lookout for misstatements that could have been intentional.

One way to reduce the number of spreadsheet errors and to help mitigate fraud is to limit access to files. A spreadsheet is no different than other software, so access to spreadsheet information should be limited to persons on a need-to-know basis, which can deter fraudsters. Furthermore, storing important spreadsheets in an access-limited server can protect information from prying eyes. If open-access file storage is used, implementing password-limited access makes sense with these spreadsheets. Locked access to certain cells also can protect valuable formulas from tampering.


Failure to back up data is a common and sometimes fatal error resulting in the loss of hours of data entry for computer users that applies equally to all software tools, including spreadsheets. Hardware and software breakdowns do occur from time to time, and backing up regularly and frequently is the best prevention for the spreadsheet user. As a general rule, it's always easier to retrieve information from the backup than redo the entire spreadsheet. The auto-save function in spreadsheet software is a reliable means for preventing accidental loss of data in the event of errors or malfunctions.


Whether an organization is large or small, spreadsheets were an overlooked risk by many people until Sarbanes-Oxley mandated spreadsheet controls compliance in Section 404. Flexibility, ease of use, and transferability are a few of the advantages of electronic spreadsheets. Yet, these same features that make spreadsheets useful also make them risky. The five examples in this article emphasize the need for auditors to treat spreadsheets with skepticism and to instill controls to mitigate these risks as they relate to their own use of the tool.

Larry R. Metz, CIA, CCSA, CGAP, CPA, is an auditor and accountant at the Wisconsin Department of Natural Resources. He is a frequent speaker at professional events, serves as president of the Madison IIA Chapter, and is a faculty member of the Wisconsin Performance Improvement Network.

Can you spot a spreadsheet error from a mile away?
Want to win a FREE book?

If so, download this sales report spreadsheet, identify at least one error, and e-mail your answer to the editor. All submissions received by Friday, Sept. 21 will be entered in a drawing to win one of four free books. Winners will be notified via e-mail on Monday, Sept. 24.

Error Spreadsheet




All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Add Value to Government Performance and Performance Audits

By testing performance measures, auditors can complement a regular performance auditing program and improve government performance and accountability.



Performance auditing of government services is a widely accepted practice that adds value to government performance by recommending improvements to the economy, efficiency, and effectiveness of programs. Various high-leverage roles and practices concerning how government auditors relate to performance measurement also add value to performance and accountability, and some of these practices can increase the value of performance audits. One such practice is auditing or testing the relevance and reliability of performance measurement. Leaders in the field have found testing performance measures and data to be a faster practice to conduct than performance auditing, and sometimes, a more far-reaching audit tool that complements a regular performance auditing program.


The Five Major Roles

Role 1: Audit Performance or Performance Management Systems. Auditing or assessing performance or performance management systems.

Role 2: Assess Performance Information. Assessing the quality of performance information or performance reports.

Role 3: Define or Measure Performance. Developing performance measures or measuring performance outside the traditional audit process.

Role 4: Encourage or Assist Management. Planning, designing, improving, or advocating for performance management systems and their use.

Role 5: Assist Elected Officials or Citizens. External reporting, capacity building, or advocacy for the use of performance information.

Assessing performance information is one of five major roles (see "The Five Major Roles" sidebar) described in the Framework of Auditor Roles and Practices With Respect to Performance Measurement, which is the focus of the project Auditor Roles in Performance Measurement, a partnership of The Institute of Internal Auditors (The IIA), the Association of Local Government Auditors, and the National Association of State Auditors, Comptrollers, and Treasurers. The framework was first published in 2004 in the guidebook Auditor Roles in Government Performance Measurement  and is based on the practices of progressive auditors across North America who have helped to strengthen government accountability and performance management.


A useful starting point for auditors to enhance the ways they improve government performance and accountability is by assessing the quality of performance information or performance reports (i.e., Role 2). The first of three practices under this role — Practice 2a: Test Relevance or Reliability — is important because the relevance of performance information refers to how well performance measures are aligned with goals and objectives and how useful they are for accountability and decision making. Reliability refers to how well defined current performance measures are and whether data for the measures are accurate and precise enough for decision making and accountability.

Testing performance information is sometimes done as part of an agency performance audit, but some audit offices have found it valuable to test performance measures as separate audit projects on the premise that no matter how well agencies are run, their accountability and ability to improve will be hampered by a lack of useful performance information. These performance information audits can be done considerably faster, and involve less auditor time (e.g., 25 to 40 staff hours per measure to test reliability, much less to test relevance), than full performance audits of an agency's operations. Total time used depends on how many performance measures an audit office decides to test. Some audit offices, following the example of the Texas State Auditor, assign each measure they test to a certification category to clarify the status of an agency's measures and needs for improvement.


Auditors' testing of performance measures can add value to the government organizations they serve by helping agencies make higher quality performance information available. Government organizations capture that value by using the information to improve accountability, decision making, and managing for results.

By assuring the quality of performance information, auditors also add value to their existing performance audit practices. When agencies have relevant, reliable performance data, auditors don't have to spend a lot of time collecting primary data to assess a program or an organization's basic performance, which frees up auditor time for higher-value activities. Examples of how audit offices have captured this value include:

  • By conducting faster, more efficient performance audits. Florida's Office of Program Policy Analysis and Government Accountability (OPPAGA) used the measure of the food stamp error rate to find that high food stamp errors cost the state US $2.2 million for fscal years 2001 and 2002.
  • By conducting more thorough performance audits, such as deeper evaluations of impact on the population served. OPPAGA does this when the legislature wants an evaluation of policies or programs whose effects are not apparent from regularly reported agency performance data, as it did in an evaluation of Bright Futures scholarships. After analyzing databases on student test scores and transcripts, OPPAGA concluded that, although other factors may have contributed, students who were eligible for the Bright Futures scholarships took more demanding courses and performed better than students who graduated before the scholarships became available.
  • By using reliable performance information as part of an organizationwide risk assessment to pick future performance audits. In the risk assessment model used by the Office of the City Auditor (OCA), performance trends are a part of a planning and performance risk factor, which represents 20 percent of total risk factors — the highest-weighted factor in the model. OCA considers increases and decreases in performance, how performance compares with external benchmarks (when available), and whether adequate meaningful performance measures are in place to help the OCA find higher-value targets for its regular program of performance auditing.

Once the quality of performance information has significantly improved, the audit organization may then find it useful to reduce its level of effort testing relevance and reliability, and to focus more on other practices, for example, helping agency managers make better use of performance data (i.e., part of Role 4 – Encourage or Assist Management).


In addition to the audit offices previously mentioned, examples of 14 local, state, and provincial audit organizations across North America that have been testing relevance and reliability of performance information are posted on the Auditor Roles in Performance Measurement Web site. The site also provides examples of five audit organizations that use the related practice of assuring performance reports.


Auditor Roles in Government Perf

Auditor Roles in Government Performance Measurment is now available as a free download  (PDF, 1.4 MB).

A newly launched Web site, developed in partnership with The IIA, provides an online informational and training resource center focused on auditor roles in performance measurement. The site includes, for the first time, a free download of the book Auditor Roles in Government Performance Measurement and other informational materials including:

  • A comprehensive overview of the Framework of Auditor Roles and Practices With Respect to Performance Measurement.
  • Detailed examples and case studies of audit organizations engaged in this work and profiles of audit organizations featured in the examples.
  • A practical, hands-on toolkit for auditors that includes data collection instruments, methodologies for various practices, guidance papers, audit criteria, audit steps, and full audit programs. There are a particularly large number of tools posted for Role 2Assess Performance Information.
  • Professional context for these auditor roles and practices, including the historical evolution of the roles and practices, broader models of government performance, and special professional issues of concern (e.g., maintaining auditor independence).
  • An extensive resource library with links to other sources of relevant information.

In addition to the content on the Web site, training courses are provided as part of this project. The course "A New Service Model: Auditor Roles in Government Performance Measurement" can help auditors determine their best opportunities for adapting new practices to use in the government organizations they serve. The courses "Assessing the Quality of Performance Information and Performance Reports" and "Assessing the Reliability and Relevance of Performance Information" are particularly focused on Role 2. For more information, send a message through the Contact Us page of the Web site.

Paul Epstein is project manager of Auditor Roles in Performance Measurement. Epstein authored or co-authored three books: Using Performance Measurement in Local Government, Results That Matter, and Auditor Roles in Government Performance Measurement. With more than 25 years of experience in performance measurement and improvement, he has assisted governments at all levels and the United Nations, influenced passage of the U.S. Government Performance and Results Act of 1993, and helps the U.S. Governmental Accounting Standards Board conduct research and develop guidance on performance reporting. Epstein is the recipient of the 2003 Harry Hatry Distinguished Performance Measurement Practice Award for lifetime achievement.
Alina Simone, an associate consultant of Epstein & Fass, is responsible for content management of the Auditor Roles in Performance Measurement Web site. Her primary focus is international projects related to community indicators, which measure performance from the citizen perspective, and applying the firm's Effective Community Governance Model, which combines citizen engagement and measuring results. She holds a master's degree in public administration from New York University.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Federal Government Auditing


Federal Government Auditing: Laws, Regulations, Standards, Practices,
and Sarbanes-Oxley

By Edward F. Kearney, Rolden Fernandez, Jeffrey W. Green, and Cornelius E. Tierney
Copyright 2006
ISBN 978-0-471-74048-3
Paperback, 344 Pages
John Wiley & Sons Publishing









Federal Government Auditing: Laws, Regulations, Standards, Practices, and Sarbanes-Oxley was written to assist private and federal employees interested in government auditing and financial assurance. The authors set out to provide a single-source of information through the various laws, regulations, standards, and practices that pertain to anyone who is auditing for the federal government.


The book is structured in four parts: Part I – Background of Federal Auditing, Part II – Federal Budgeting, Accounting, and Financial Statements, Part III – Auditing in the Federal Government, and Part IV – Nature of Selected Federal Audits.

Part I – Background of Federal Auditing
This section discusses in detail the evolution of government auditing and provides an overview of the foundation for auditing in the federal government. The authors provide substantial criteria and authority for the federal audit — from the first Congressional provisions for an auditor and comptroller within the U.S. Department of Treasury, the U.S. Treasury Act of 1789, and the U.S. Constitution. The text also discusses more current federal financial and audit criteria, authorities, laws, regulations, standards, and Congressional Acts and amendments (e.g., the U.S. Federal Financial Management Improvement Act of 1996, the U.S. Sarbanes-Oxley Act of 2002, and the most recent revision of the U.S. Office of Management and Budget (OMB) Circular A-123) and how they have, will, or may affect federal auditing.

Part II – Federal Budgeting, Accounting, and Financial Statements
Part II provides an in-depth overview of the federal budgeting, accounting, and financial statements. The authors present a descriptive view of past and present concepts, systems, theories, and life-cycle descriptions of federal budgeting, accounting, and financial reports. The book offers brief descriptions of past budget concepts such as PPBS (i.e., planning, programming, budgeting systems), zero-based budgeting, and management by objectives, as well as the more recent planning, programming, budgeting, and execution concept with a flow chart showing the various steps involved. The authors provide an in-depth chart breaking down the responsible bodies for each of the 15 accounting events in financing federal programs and activities.

Part III – Auditing in the Federal Government
This section provides overviews, discussions, outlines, and models of the federal audit, as well as illustrations of audit reports. The authors discuss in detail with step-by-step charts, the four major phases of the federal audit: planning, internal control, testing, and reporting. The chart of the federal audit model and audit planning model are presented in a way that will prove helpful to all auditors. And after each overview, outline, or model, there are detailed discussion and explanations. For example, after the federal audit model, the authors provide in-depth explanations of the model's key elements, such as:

  • Management assertions, audit tests, procedures, and activities.
  • Audit evidence.
  • Sampling.
  • Materiality.
  • Discreditable acts.

Part IV – Nature of Selected Federal Audits
This section provides specific examples of four of the more common federal audits. The selected audits — single audits, performance audits, procurement and contract audits, and grant audits — are fully discussed, outlined, and modeled for the reader.


As an experienced federal auditor, I found Federal Government Auditing to be informative on many levels. Many of us in the federal audit field have not taken the time to explore our profession's roots, and the authors provide an effective exploratory overview of the history of federal auditing from the United States' infancy through present day.

Federal Government Auditing is a great review of the many in-depth steps and processes that make up a successful federal audit and will remain on my desk as a future reference. Although this book is helpful for new and seasoned auditors, some of the material is quickly becoming obsolete (e.g., the 2007 revision of Government Auditing Standards is not mentioned). However, even as the federal government evolves, this book is packed with timeless information on the audit process. Personally, I found Parts III and IV to be the most informative and useful as they provided in-depth background, definitions, and working examples that I can use as part of my daily activities as a federal auditor.

My overall opinion of the book is positive, as is the response from several individuals within my office. I hold no reservations in recommending Federal Government Auditing as a reference to anyone that plans to audit within the federal government.


It is important to remember that laws, regulations, standards, and practices are constantly changing and evolving, so any one book claiming to be a single resource will inevitably become obsolete. With this in mind, it is the auditor's duty to make sure he or she learns as much as possible about the laws, regulations, standards, and practices that may affect the course or subject of the audit. Federal Government Auditing will provide a federal auditor or potential federal auditor with a well-formed foundation and a number of effective tools to assist in the building of a successful government audit.

Jonathan L. Gallinger, CGAP, is an internal auditor for the U.S. Defense Logistics Agency at the Defense Supply Center of Philadelphia. He has previously worked in accounting for the U.S. Department of Veterans Affairs and is a former U.S. Army combat engineer. Gallinger also worked as a logistics manager in the public sector.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


IIA in Action


The IIA and the International Organization of Supreme Audit Institutions (INTOSAI) recently signed a memorandum of understanding (MOU) to further their relationship in the global practice of auditing. The MOU grants The IIA observer status of INTOSAI’s Professional Standards Committee (PSC) Steering Committee and the Subcommittee on Internal Control Standards. Accordingly, INTOSAI will observe The IIA Standards Board and other related committees.

At The IIA's 2007 International Conference in Amsterdam, where the MOU was signed, INTOSAI Secretary General Dr. Josef Moser delivered a keynote address stating, "INTOSAI and The IIA believe that the goals of both organizations are strongly interlinked and that mutual support in our strategic orientation would be to the benefit of both organizations." A copy of Dr. Moser's entire speech is available at

INTOSAI and The IIA both promote their respective professions on a global scale by setting international professional standards, developing technical tools, promoting professional training, and sharing information with like-minded organizations. INTOSAI is the global organization of the Supreme Audit Institutions (SAIs), which oversees federal government audits and promotes sound financial management and accountability in governments within 186 countries.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


GAP in the News

U.S. Government Accountability Office Issues July 2007 Revision of Government Auditing Standards
The revision contains fundamental changes from the 2003 revision that reinforce the principles of transparency and accountability and provide the framework for high-quality government audits.

South Africa: Figuring Out a Path for Auditor Liability
The world's six largest audit firms combined forces to issue a report about how global financial reporting and public company audit procedures should be adapted.

Audit Office Admits Capacity Problems
Malawi's National Audit Office lacks staff capacity to scrutinize all government accounting departments.

Auditors Give Thumbs Up to a Minnesota County's Funds
The first independent audit of the Mower County's finances is complete, and copies of the audit are now available for dissemination.

OCEG Releases Government Contracting Guidance for Public Exposure and Comment
The Open Compliance and Ethics Group (OCEG) has released the public exposure draft of its Government Contracts Domain, an integrated database of guidance providing U.S. federal government contractors and subcontractors with a clear path to compliance. OCEG will accept public comments on the draft through Oct. 15, 2007.

UK Government Shared Services Spending Is on the Rise
Shared services spending in the UK public sector is forecast to hit US $1.27 billion in 2012 compared to just US $311 million this year, according to analyst Datamonitor.,3800010403,39168360,00.htm

Audit Cites Overpaid Medicare Insurers
In a new report, investigators from the U.S. Government Accountability Office said private insurance companies participating in Medicare have been allowed to keep tens of millions of dollars that should have gone to consumers.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


EDITOR'S NOTE: If you have a favorite online resource that you use, please let us know about it! You can e-mail the editor.


The following sites provide useful information about government audit standards, benchmarking, and best practices.

American Institute of Certified Public Accountants (AICPA) has developed industry-specific guidance regarding financial accounting and reporting matters.

Associations for Government Auditors is a site offered by the AICPA that lists pertinent associations that serve the unique needs of government auditors. It's listed as a tool for audit committees, but also is useful to auditors in the field.

Auditor Independence and Performance Measurement is examined by the Auditor Roles in Performance Measurement Project. Independence issues are viewed through the lenses of U.S. Government Auditing Standards (Yellow Book) and comments by auditors whose offices have played non-traditional roles related to performance measurement.

Auditor Performance Measurement Toolkit includes guidance papers, data collection instruments, methodologies for various practices, audit criteria, audit steps, and full audit programs from government audit offices across North America.

Canada's New Policy on Internal Audit outlines Canada's new internal audit policy that highlights significant measures to increase accountability and transparency in the federal government.

Chartered Accountants of Canada offers a brochure designed to help elected officials, the media, and taxpayers enhance their understanding of, and ask good questions about, government finances and financial statements. It also contains public sector accounting news and updates.  

Government Auditing Standards 2007 Revision (Yellow Book) supersedes the 2003 revision, including amendments 1 through 3. Its provisions are effective for financial audits and attestation engagements of periods beginning on or after Jan. 1, 2008, and for performance audits beginning on or after Jan. 1, 2008. Early application is permissible.

Government Performance Models that portray how things should work if appropriate systems, practices, and controls are in place and managed properly can provide a basis for useful criteria for auditing performance-based systems. These models also provide a context for how auditor roles and practices contribute to improving performance or making governance more effective.

Professional Practices Framework (PPF), developed and maintained by The IIA, offers practitioners a full range of internal audit guidance.

U.S. Office of Management and Budget (OMB) Circulars includes instructions or information issued by OMB to federal agencies. Circulars are indexed by major categories: Budget, State and Local Governments, Educational and Non-profit Institutions, Federal Procurement, Federal Financial Management, Federal Information Resources/Data Collection, Other Special Purpose.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.



American Institute of Certified Public Accountant Government News provides news pertinent to government auditors in their Governmental Audit Quality Center.

Center for Public Integrity News is a nonprofit, nonpartisan, tax-exempt organization that conducts investigative research and reporting on public policy issues in the United States and around the world.

CNN and Time Magazine's Politics Page offers news and commentary on U.S. politics.

Ethics in the News provides a selection of ethics-related news stories gathered from all over the Web in order to stimulate ethical reflection and debate.

Federal Computer Week provides late-breaking government news, as well as topical news in the following departments: management, e-government, policy, homeland security, technology, security, defense, state, and local (at bottom of news page).

Foreign Policy is a source for global politics, economics, and ideas.

Government Innovators Network, produced by The Ash Institute for Democratic Governance and Innovation at Harvard's John F. Kennedy School of Government, is a marketplace of ideas and examples of government innovation.

Government Technology focuses on U.S. state and local government technology issues with the following categories: Government Information Services, Homeland Security, Integration and Collaboration, E-government, International, Justice and Public Safety, and Local Government.

GovSpot News offers comprehensive government news broken into the following categories: World, Federal, State and Local, Legislative, Departments, Military, Legal, Technology, Government Employees, Government Contractors.

United Nations (U.N.) News Service includes news stories involving the U.N. It also breaks international news into categories: Peace and Security, Economic Development, Humanitarian Aid, Environment, Human Rights, U.N. Affairs, Women/Children/Population, Law/Crime Prevention, Health/Poverty, Culture/Education.

World News Connection provides materials to the National Technical Information Service by the Foreign Broadcast Information Service (FBIS). Analysts from the FBIS's domestic and overseas bureaus monitor timely and pertinent open-source materials.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Audit Reports

The following Web sites provide access to hundreds of audit reports that can be used as templates and for benchmarking purposes.

Audit Practice Aids (includes audit programs) is provided by the Auditor of State for Iowa and includes guidelines setting forth accounting and auditing standards to be applied in audits of governmental subdivisions. These guidelines include audit programs and sample reports.

Audit Report Search Engine enables users to search for a U.S. Department of Labor audit reports by year, region, or a combination.

Audit Reports by Country is provided by INTOSAI and includes an extensive audit report repository by country.

DOI's Environmental Audit Reports is provided by the U.S. Department of the Interior.

Examples of Auditor Roles and Practices with Respect to Performance Measurement demonstrates how auditors across North America perform these practices. Many of the examples have links to reports of audits using these practices.

Extensive List of Audit Reports: Federal Communications Commission includes audit reports issued from 1994 to 2006.

Foreign Audit Reports — offered by the United States Department of Agriculture — are comprehensive audits of foreign country inspection systems to ensure compliance with the Federal Meat Inspection Act, the Poultry Inspection Act, and the Egg Products Inspection Act. Current and past reports are available for download.

Government Accountability Office Audit Report Search Engine contains reports on audits, surveys, investigations, and evaluations of federal programs conducted by the GAO. All published reports, testimonies, correspondence, and special publications are included.

Medical Outcomes Audit Program is provided by the U.S. Food and Drug Administration.

National State Auditors Association's  (NSAA's) Audit Report Search Engine was includes location and/or topic parameters. The site consists of summary paragraphs describing key information contained in issued audit reports. Each summary paragraph provides a link to obtain the complete report.

Searchable Single Audit Database enables users to search for audit reports by auditee name, complete nine-digit EIN, or state abbreviation.  

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Performance Measurements

Advancing Government Performance: Auditor Roles in Performance Measurement is a resource center that gives auditors a tools, methodologies, and practices to improve how government performance is measured and managed. This Web site is part of a collaborative project among The IIA, the Association of Local Government Auditors (ALGA), and the National Association of State Auditors, Comptrollers, and Treasurers (NASACT).

Center for Disease Control Performance Measurement Resources includes links with extensive information helpful for conducting an evaluation project. Resources are divided into the following groups:

  • Ethics, Principles, and Standards
  • Organizations, Societies, Foundations, Associations
  • Journals and Online Publications
  • Step-by-Step Manuals
  • Logic Model Resources
  • Planning and Performance Improvement Tools
  • Reports and Publications: General
  • Reports and Publications: GPRA
  • Suggestions

Citizen-driven Government Performance Measurement Case Studies features narratives of citizen-driven initiatives that involve citizens in the measurement of government performance.

Example Performance Indicators offers samples of indicators used in the Comparative Performance Measurement Program — including sample graphs — for the following services: police, fire and emergency medical, neighborhood, and support services.

Fairfax County Performance Measurement Initiative offers manuals, a training slide show, and other resources used by Fairfax County, Va., to measure performance.

Glossary of Performance Measurement Terms lists definitions for performance measurement terms from "accountability" to "verification."

Performance Measurements for Government lists measurement initiatives broken down into the following categories: local, state, federal, international, higher education, public not-for-profit, and resources by service area.

The International City/County Management Association's Center for Performance Measurement is dedicated to helping local governments measure, compare, and improve municipal service delivery. ICMA's Comparative Performance Measurement Program currently assists more than 100 cities and counties in the United States and Canada with the collections, analysis, and application of performance information.  

Performance Measurement Association is a global network based in the United Kingdom for those interested in the theory and practice of performance measurement and management.

Performance Measurement: Guidelines, Myths, and Examples provides guidelines for selecting measurements, myths about measurements, examples of measurements, and general resources.

Performance Measurement Handbooks
This site contains the following Performance Measurement documents:

  • Establishing an Integrated Performance Measurement System
  • How to Measure Performance — A Handbook of Techniques and Tools
  • Guidelines for Performance Measurement (DOE G 120.1-5)
  • A Brief Overview of Performance Measurement in the U.S. Department of Energy
  • A Guide to Strategically Planning, Training, and Measuring Results
  • Balancing Measures: Best Practices in Performance Management  
  • Serving the American Public: Best Practices in Performance Measurement 
  • Performance Measurement of Research and Development (R&D) Activities

Reporting Performance Information presents a set of suggested criteria for use in developing external reports on performance information.

Resources for Risk: Benchmarking and Performance Measurement includes a list of online resources to provide background on the uses and processes of benchmarking and performance measurement put out by the Public Entity Risk Institute.

Sample Data-collection Template is a template used by Kansas City, Mo.

The Center on Municipal Government Performance is creating ways in which the public can fairly and accurately monitor, assess, and/or measure the performance of certain governmental functions that people consider critically important.

The Performance Institute is a private, nonpartisan think tank improving government results through the principles of performance, competition, transparency, and accountability.

The Public Performance Measurement and Reporting Network provides a collection of citizen surveys, performance measurement manuals, and a bibliography of performance measurement and citizen satisfaction.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Audit Programs

The following Web sites provide samples of audit programs across a variety of sectors.

17 Examples of Audit Programs is provided by the Office of the City Auditor, San Jose, Calif.

Audit Practice Aids (with audit programs) includes guidelines from the Auditor of State for Iowa setting forth accounting and auditing standards to be applied in audits of governmental subdivisions. These guidelines include audit programs and sample reports.

Auditor Tools for Assessing Performance Information includes audit programs for verifying or certifying performance measures by auditors from Austin, Texas; Colorado Springs, Colo.; and Maricopa County, Ariz. Related tools include audit steps from the Texas State Auditor and the Alberta, Canada, Auditor General, and methodologies or guidance from other North American auditors.

Department of Justice Audit Program is a site helpful for evaluating the process for identifying, preventing, and recovering improper and erroneous payments.

Drug and Alcohol Testing Audit Program is provided by the U.S. Federal Transit Administration.

Focused Assessment Program Documents are used by the U.S. Customs and Border Protection regulatory auditors when conducting focused assessments. While these documents contain the audit program, sampling methodology, and technical information for pre-assessment survey, they also provide guidance for importers.

Human Resource Audit Program is provided by the Oregon state government Web site.

National Performance Audit Program is provided by the Environmental Protection Agency.

Performance Audit Program is provided by USAID, an independent federal government agency that receives overall foreign policy guidance from the Secretary of State.

Rural Rental Housing Audit Program provides instruction and guidance for independent public accountants in conducting agreed-upon procedures engagements of recipients of Rural Development loans, except for those audits required to be performed in accordance with the U.S. Office of Management and Budget Circular A-133.

Small Business Administration Audit Program is provided by the Office of the Inspector General, U.S. Small Business Administration.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.



The following links provide examples of checklists of varying scopes, objectives, and styles. These checklists can be used as templates and modified to conform to an audit's unique objectives.

AICPA Government Checklists, Questionnaires, and Guidelines is an extensive list of government checklists put out by the American Institute of Certified Public Accountants (AICPA), including New Engagement Checklists made available in May 2005.

Asbestos Management Plan Self-Audit Checklist is put out by the U.S. Environmental Protection Agency and is useful for testing for asbestos in schools.

Audit Checklists for Initial Equivalence and Audit Cover Letter Samples are available for download from the United States Department of Agriculture's Web site. The sample topics include enforcement, sanitation, residue control, and animal disease.

Board of Corrections Juvenile Crime Enforcement and Accountability Checklist is produced with California government to assist counties in determining if they are maintaining an adequate audit trail.

Court Security Audit Checklist is a thorough, 48-page checklist to assess security at courthouses.

Government Peer-review Audit Engagement Checklist is useful for government entities subject to GASB Statement 34/35.

Government Peer-review Audit Engagement Checklist is useful for government entities not yet subject to GASB Statement 34/35.

HUD Audit Checklist is a checklist put out by the U.S. Department of Housing and Urban Development.

Labor Housing Inspection Checklist is used by the state of Oregon to inspect labor campgrounds.

OSHA's Self-inspection Checklist is a checklist put out by the U.S. Department of Labor's Occupational Safety & Health Administration to help organizations comply with OSHA standards.

Purchasing Card Procedures Checklist: State Purchasing Review serves as a guide when conducting an internal review of purchasing card procedures. Though this is tailored to Utah's regulations, it could be adjusted and modified.

Quality Assurance Plan Checklist is provided as part of the evaluation process for the Quality Assurance Plan. The checklist assists designated reviewers in determining whether specifications meet criteria established in HUD's System Development Methodology. The objective of the evaluation is to determine whether the document complies with HUD development methodology requirements.

Quality Systems Audit Checklist provides detailed instruction for how the Food and Drug Administration performs a quality systems audit.

Recipient Control Environment Assessment Checklist is a good general checklist that is broken into a control environment checklist — incorporating risk factors such as management's attitude, awareness, and actions concerning an organization's control environment — and a risk assessment checklist — including control techniques that should be reviewed in order to determine the risk level for each recipient of USAID funds.

Recipient Organization Checklist Eligibility Compliance is used by the U.S. Mint to evaluate eligibility and payment policies and procedures.

Request for Proposal Checklist for CPA Services for Government Organizations is put out by the AICPA to be used by the government's audit committee or its equivalent oversight body to ensure the organization's request for proposal is complete and contains the necessary elements for the successful procurement of professional auditing services.

Safety Audit Checklists offers a sampling of safety audit checklists from various Canadian governments.

Safety Audit Checklist for Hazardous Materials offers sample checklists useful for performing an audit of policies related to the storage, treatment, and disposal of hazardous materials, as well as a host of other considerations and control criteria.

Sample Local Government Audit Report Review Checklist is a very thorough, 59-page audit report-writing checklist, including categories such as cover page, table of contents, auditor's report, financial statements, notes to financial statements, and more.

School Safety Audit Checklist is a checklist based on work done by the Virginia State Education Department and modified by the New York State Police as a resource for school personnel.

Team Captain Checklist: System Reviews is put out by the AICPA for peer reviews (not government-specific).

Total Quality Systems Audit Supplier Guidelines is provided by the U.S. Department of Agriculture Farm Service Agency Commodity Operations.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Scorecard/Progress Report Examples

Government auditors are often evaluating the effectiveness of government programs and producing progress reports and scorecards. The following links provide some examples of these valuable reports, which government auditors can use as templates for their own reports.

2000 Community Scorecard for Austin, Texas, provides information on how the city is delivering services in four major categories: Public Safety; Youth, Family, and Neighborhood Vitality; Sustainable Community; and Affordability. The community scorecard focuses on service delivery from four perspectives. First, it assesses the priority that citizens place on that service delivery. Second, it measures customer satisfaction with the city services provided. Third, results measures are included that assess city performance over time. Lastly, efficiency and input measures are included that compare Austin to other jurisdictions. The goal of this document is that it be used to contribute to a productive dialogue on how well city services are provided to the citizens of Austin.

2003 First Quarter Progress Report for Denver includes the following categories: General Government, Independent Agencies, Finance CPD Revenue, General Services, Parks and Recreation, Public Works, Environmental Health, Human Services, and Safety.

Comprehensive Performance Indicator Report for Phoenix is a city manager executive report that provides policy makers and managers with comprehensive and timely executive level information to evaluate the progress of city programs and activities, determine the effectiveness of resource utilization, and identify strengths, weaknesses, and opportunities in the organization. The report also provides checkpoints for planning, forecasting, and budgeting.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Information Technology

The following Web sites provide a variety of IT-related resources useful in government auditing.

E-Government Articles use information technology to open government and government information to the public, to enable government agencies to share information for public benefit, to enable online transactions, and to enhance democracy.

IIA Technology Center includes Global Technology Audit Guide, ITAudit (a free online publication), and other IT resources. 

Institute for Electronic Government
is dedicated to helping government leaders understand and unleash the power of information technology to transform government in a digital society.

Technology in Government is a list of professional organizations pertinent to the use of technology in government.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Sector-specific Links

The following links are broken down into government industries to provide auditors with tools pertinent to their specific field.

Academic Associations lists centers for public policy, public affairs, and government sponsored by various U.S. universities.

Development/Land Use includes links pertaining to development planning, affordable-housing programs, finance agencies, economic development, land conservation, civic leagues, and more.

Environment/Waste Management contains a detailed list of resources for water, sewage, pollution prevention, recycling, sustainable community projects, environment, and more.

Government Managers features a comprehensive list of online resources and professional organizations for government managers.

Health Care features links for state health departments, mental health resources, Medicare and Medicaid services, state medical boards, health data organizations, public health organizations, and more.

Public Education has an extensive listing of associations that support public education.

Public Pension Systems, provided by the Association of Public Pension Fund Auditors, under "References and Links" lists the following resources:

  • Statements of Key Investment Risks and Common Practices to Address Those Risks
  • Operational Risks of Defined Benefit and Related Plans and Controls to Mitigate Those Risks
  • Example Audit Committee Charter
  • Example Internal Audit Department Charter
  • APPFA Model Ethics Policy
  • Links to Public Employee Retirement Systems

Public Safety provides links for law enforcement, emergency management, courts, crime prevention, corrections, Homeland Security, and more.

Public Utilities

American Public Power Association's purpose is to advance the public policy interests of its members and their consumers and provide services to ensure adequate, reliable electricity at a reasonable price with the proper protection of the environment. Their Web site offers numerous resources to help auditors in the public utilities industry.

Public Utilities Fortnightly is an online publication free to all industry professionals. Its purpose is to keep professionals on track and up-to-date with clear, balanced, timely coverage each month. It serves all facets of the energy industry, giving visitors insight and perspective on developments involving investor-owned power and gas utilities.

National Association of Regulatory Utility Commissioners (NARUC) is a nonprofit organization consisting of government agencies that are engaged in the regulation of utilities and carriers in the United States, Puerto Rico, and the Virgin Islands. NARUC's member agencies regulate the activities of telecommunications, energy, and water utilities. NARUC's mission is to serve the public interest by improving the quality and effectiveness of public utility regulation.

Transportation offers links to a host of transportation associations and resources.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


International Resources

The following sites provide links to pertinent international resources for government auditors — including international standards, resources, and various publications. 

Audit Commission is an independent public body in the United Kingdom responsible for ensuring that public money is spent economically, efficiently, and effectively in the areas of local government, housing, health, criminal justice, and fire and rescue services.

Audit Reports by Country is a site by INTOSAI that provides an extensive audit report repository by country.

Australian National Audit Office (ANAO) is a specialist public sector practice providing a full range of audit services to the Parliament and Commonwealth public sector agencies and statutory bodies.

Corruption Prevention Network is an international organization committed to fighting fraud and corruption in the public sector.

International Audit Offices

British Columbia


Hong Kong

New Zealand

Nova Scotia

United Kingdom

United States

If you would like to have your country's audit office added, e-mail the editor.

International Federation of Accountants' Guidance for Public Sector includes an extensive list of documents containing IFAC standards, handbooks, studies, reports, papers, and exposure drafts.

International Journal of Government Auditing is a free online newsletter published quarterly (January, April, July, October) in Arabic, English, French, German, and Spanish on behalf of INTOSAI (International Organization of Supreme Audit Institutions). The journal, which is the official organ of INTOSAI, is dedicated to the advancement of government auditing procedures and techniques.

Organisation for Economic Co-operation and Development groups 30 member countries sharing a commitment to democratic government and the market economy. With active relationships with some 70 other countries, nongovernmental organizations, and civil society, it has a global reach. Best known for its publications and its statistics, its work covers economic and social issues, such as macroeconomics, trade, education, development, and science and innovation.

Reports, Guidelines, and Publications:  New South Wales , Australia, offers auditor-general reports, guides to better practice, questionnaires used in audits, speeches and presentations, special reports to parliament, and more.

Transparency International (TI) is an international nongovernmental organization devoted to combating corruption. Through its International Secretariat in Berlin and its more than 85 independent national chapters around the world, TI works at both the international and national level to curb the supply and demand of corrupt practices.

World Government Resources includes the following categories: World Fact Book, U.S. Embassies, Exploring Countries, World Rulers, Constitution Finder, Worldwide Governments,, International Documents, United Nations, Political Resources, Library of Congress, Background Notes (by U.S. State Department), International Court of Justice.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


U.S. Resources


A-Z Index of U.S. Government Departments and Agencies is a comprehensive list of federal and state Web sites, including state home pages.

Code of Federal Regulations (CFR) is the codification of the general and permanent rules published in the Federal Register by the executive departments and agencies of the federal government. It is divided into 50 titles that represent broad areas subject to federal regulation. Each volume of the CFR is updated once each calendar year and is issued on a quarterly basis.

Cross-agency Portals are gateways that bring together federal information and services from multiple agencies about a particular topic or for a particular customer group.

Federal Acquisition Regulation (FAR) is designed to help the government auditor gain access to the current FAR, as well as FAR documents, references, and other information.

The Federal Audit Clearinghouse operates on behalf of the Office of Management and Budget (OMB) to disseminate audit information to federal agencies and the public; support OMB oversight and assessment of federal award audit requirements; assist federal cognizant and oversight agencies in obtaining OMB Circular A-133 data and reporting packages; and help auditors and auditees minimize the reporting burden of complying with Circular A-133 audit requirements.

Federal Executive Offices, Departments, Agencies, and More includes Executive Office of the President; Executive Departments; Independent Agencies and Government Corporations; Boards, Commissions and Committees; Quasi-official Agencies; and more.

Federal Judicial Links: Supreme Court, Lower Courts, Special Courts, and More includes Web sites that pertain to the Supreme Court, lower courts, special courts, support organizations, and more.

Federal Laws and Regulations: General Reference Resources contains practical and historical sites that relate to federal, state, and local laws and regulations.

Federal Legislative Links: Senate, House of Representatives, and More includes Web sites that pertain to Congress and agencies that support Congress, as well as informational links.

FedTravel is the complete online government travel planning tool and keeps auditors up to date on travel regulations.

Government Leader explores how everyday leaders — charged with managing federal acquisition programs, government finances, technology initiatives, and a workforce numbering in the millions — solve tough questions, overcome challenges, and improve operations inside the world's largest enterprise.

The National Archives is the U.S. Government's collection of documents that records important events in American history. The National Archives and Records Administration (NARA) is the government agency that preserves and maintains these materials and makes them available for research. Auditors could reference this site for record retention, as well as other useful tools.

National Associations' Home Pages lists a comprehensive array of links for national government organizations, from Airports Council International/North America to Western Governors' Association.

Office of Management and Budget (OMB) evaluates the effectiveness of federal programs, policies, and procedures; assesses competing funding demands among agencies; and sets funding priorities. OMB ensures that agency reports, rules, testimony, and proposed legislation are consistent with the president's budget and with administration policies.

THOMAS provides legislative information from the Library of Congress, especially bills in congress and laws. This site is a good source to check on the status of appropriation bills.

United States Code is the codification by subject matter of the general and permanent laws of the United States. It is divided by broad subjects into 50 titles and published by the Office of the Law Revision Counsel of the U.S. House of Representatives.

U.S. Government Online Libraries and Databases contains national, federal, agency, and local libraries; online library databases; and grants and benefits for libraries.

U.S. Government Telephone and E-mail Directories  is an exhaustive list of sundry government directories — everything from toll-free numbers to hotlines to a military personnel locator.

U.S. Government Search Engines provides links to the following government search engines: FirstGov, Google, Government Guide (AOL),, GPO Access,,


Government Finance Officers Association is the professional association of state/provincial and local finance officers in the United States and Canada. Members are dedicated to the sound management of government financial resources.

Resources for State and Local Government Employees offers a variety of resources for government employees broken into the following categories: Agriculture and Environment; Disasters and Emergencies; Economic Development and Infrastructure; Education and Employment; Grants and Financial Management; Health and Families; News and Networking; Online Services; Public Safety and Law; Statistics at the State and Local Levels; Technology, Science, and Innovation.

State Legislature Home Pages provides direct links to state legislature pages.

State Research Organizations breaks down an extensive list of research organizations by state.

Statistics at the State and Local Levels offers census data, fact books, statistics, software, and sundry reports.

The Washington State Auditor's Office works in cooperation with audit clients and citizens as an advocate for government accountability. As an elected agency, the State Auditor's Office has the independence necessary to objectively perform audits and investigations. The audits are designed to comply with professional standards, as well as to satisfy the requirements of federal, state, and local laws.

Washington State Joint Legislative Audit and Review Committee (JLARC) carries out independent performance audits, program evaluations, sunset reviews, and other policy and fiscal studies on behalf of the legislature and the citizens of Washington State.

The State Administrative and Accounting Manual (SAAM) provides control and accountability over financial and administrative affairs of the state of Washington, and assists agencies in gathering and maintaining information needed for the preparation of financial statements.


Cities, Counties, and Towns includes 50 state directories. Click on one to retrieve a list of that state's city government Web sites.  

County Information includes information on counties, such as county officials, courthouse addresses, county seats, cities within a county, statistics, and geographical information. To see a listing of the counties for a state, select a state from the map on the main page.

Home Pages for Cities With Populations of 150,000+ includes the largest cities in states that would not otherwise be represented.

Home Pages for Counties With Populations of 500,000+ includes consolidated city-county governments listed under City Home Pages.

Statistics at the State and Local Levels contains census data, fact books, statistics, and reports.

Tribal Government Web Sites includes pages for tribal governments listed by tribal name — as opposed to breaking them up by states.

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.


Associations for Government Auditors

American Institute of Certified Public Accountants (AICPA)

The Association of Certified Fraud Examiners (ACFE)

Association of Local Government Auditors (ALGA)

Association of Government Accountants (AGA)

The Cooperative Audit Resolution and Oversight Initiative (CAROI)

Federal Accounting Standards Advisory Board (FASAB)

Federal Inspectors General

Financial Accounting Standards Board (FASB)

The Institute of Internal Auditors

National Association of State Auditors, Controllers, and Treasurers (NASACT)

All contents of this Web site, except where expressly stated, are the copyrighted property of The Institute of Internal Auditors Inc.